only consider non expired tokens

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
Jens Langhammer 2023-10-05 20:05:08 +02:00
parent e176e11b82
commit 01cebcfcec
No known key found for this signature in database
1 changed files with 1 additions and 1 deletions

View File

@ -18,7 +18,7 @@ class MobileDeviceTokenAuthentication(BaseAuthentication):
"""Token-based authentication using HTTP Bearer authentication""" """Token-based authentication using HTTP Bearer authentication"""
auth = get_authorization_header(request) auth = get_authorization_header(request)
raw_token = validate_auth(auth) raw_token = validate_auth(auth)
device_token: MobileDeviceToken = MobileDeviceToken.objects.filter(token=raw_token).first() device_token: MobileDeviceToken = MobileDeviceToken.filter_not_expired(token=raw_token).first()
if not device_token: if not device_token:
return None return None
CTX_AUTH_VIA.set("mobile_token") CTX_AUTH_VIA.set("mobile_token")